The present invention relates to security validation, and more specifically, but not exclusively, to detecting security validation data for a process.
Value-based dynamic security analysis validation is based on injecting a value as part of an attack upon computer system security and checking whether that value (or an acceptable variant of the value) has reached a sink, where a sink is a security-sensitive operation. Dynamic security analysis of a computer system typically involves instantiating an application with a certain attack payload, validating the attack, and continuing to the next attack for analysis. It can be challenging to accurately determine when the application is not vulnerable to an attack, such that the security analysis can move on to the next attack. Validation can be performed by monitoring sinks after waiting a sufficient period of time to allow the application to execute any code that might trigger a vulnerability. For example, an application may access a web service, wait for a response, and only then execute a database query that can lead to injecting the value.
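The following sketch is an added example, not taken from the original text. It shows value-based validation against a constructed toy application whose database sink fires only after a simulated web service delay. The names `SinkMonitor`, `toy_app`, `validate` and `db.execute` are hypothetical.

```python
import threading
import time
import uuid

class SinkMonitor:
    """Records every value that reaches an instrumented sink."""
    def __init__(self):
        self._seen = []
        self._cond = threading.Condition()

    def record(self, sink_name, value):
        with self._cond:
            self._seen.append((sink_name, value))
            self._cond.notify_all()

    def wait_for(self, marker, timeout):
        """Return the sink the marker reached, or None once the wait expires."""
        deadline = time.monotonic() + timeout
        with self._cond:
            while True:
                for sink, value in self._seen:
                    if marker in value:
                        return sink
                remaining = deadline - time.monotonic()
                if remaining <= 0:
                    return None
                self._cond.wait(remaining)

def toy_app(user_input, monitor, service_delay, sanitize):
    """Constructed application: waits on a 'web service', then runs a query."""
    def run():
        time.sleep(service_delay)  # stands in for the web service round trip
        value = user_input.replace("'", "") if sanitize else user_input
        # Hypothetical sink hook: report the query text instead of executing it.
        monitor.record("db.execute", "SELECT * FROM t WHERE name = '%s'" % value)
    threading.Thread(target=run, daemon=True).start()

def validate(sanitize, service_delay, wait):
    """Inject a unique marker and report which sink, if any, received it intact."""
    monitor = SinkMonitor()
    marker = "mk'" + uuid.uuid4().hex  # constructed value; the quote must survive
    toy_app(marker, monitor, service_delay, sanitize)
    return monitor.wait_for(marker, wait)

if __name__ == "__main__":
    print(validate(sanitize=False, service_delay=0.2, wait=1.0))  # sink reached
    print(validate(sanitize=False, service_delay=0.5, wait=0.1))  # wait too short
    print(validate(sanitize=True, service_delay=0.05, wait=0.5))  # value altered
```

The second call returns `None` even though the toy application is vulnerable, because the wait expires before the delayed query runs. This is the difficulty described above in deciding when it is safe to move on to the next attack.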